SOC 1 specific:

A SOC 1 is an audit of the operating effectiveness of our internal control environment. Internal controls include, but are not limited to, employee background checks, physical and logical access controls, the entire Systems Development Life-Cycle (SDLC), and IT change control. This report serves as a window into how we operate as a service provider.

A SOC 1 Type 2 report provides independent third-party verification by a licensed 3rd party accounting firm as to whether control activities were suitably designed and operating effectively during the audit period. SAP Fieldglass operates on a 12-month audit period. The scope of the audit includes both our corporate headquarters and R&D technology center where all software planning, design, development, testing and support activities are performed. This single report is designed to satisfy both domestic and overseas customers.

Our SOC 1 Type 2 assessment is conducted in accordance with the Statement on Standards for Attestation Engagements No. 16 (SSAE 16) and the International Standards for Assurance Engagements No. 3402 (ISAE 3402). This version of the report covers the audit period 1. October 2014 to 30. September 2015.

General:

A copy of this report is available for businesses that have signed an MNDA with SAP Fieldglass. This report is confidential and must not be redistributed.